The module you will build is called the Auth Module and allows for a feature known as a Rotatable Wallet.

This builds on earlier knowledge and helps demonstrate how keysets can be used at the "row level" to guard assets. It’s an example of how a Pact smart contract can manage user keysets in a decentralized fashion allowing users to update information based on their keyset. The ability to change keyset values is referred to as rotating keysets.

By creating this module, you’ll be able to effectively create smart contracts that guard assets at a row level and take advantage of functions that allow users to update information in tables.

Before getting into the code, take some time to review what you’ll be building. This smart contract can be broken down into steps focused on 4 core areas that include the keysets, module, table, and functions.

The details of each step will be described as you progress through the tutorial. Each step will include a short description ending with a code challenge. If you get stuck, you can always look at the hints or solutions we provide.

In this step, you will create a function that allows the operate-admin to add rows to the users table.

Code Challenge

Define a function named create-user that takes 3 arguments; id, nickname, and keyset. Next, restrict access for function calls to the operate-admin. Finally, insert a row into the users table using the inputs specified by the user.

It’s sometimes useful to restrict access to data to specific users. For example, users may not want others to see the balance of their account or other sensitive information. This can be done in Pact by enforcing access to rows of data using row-level keysets.

The first step toward making this happen is to be able to view the keyset associated with a specific id. The following function shows an example of reading a keyset in a specific row from a given id.

This function doesn’t yet give any access to the data in a row. It’s purpose is for other functions to call on it in the case that they want to do something like place row level restrictions on data. This will be valuable shortly when you write code that needs to call this function.

Code Challenge

Define a function named enforce-user-auth that returns the keyset associated with a given id.

Once you can restrict access to data, you’re ready to allow users to take specific actions based on the data they have access to. For example, a user may want to update their profile name, or make changes to sensitive information that other users should not be able to access.

To do that, you can write a function that utilizes the previous function you created. From there, you can add in functionality that allows users to update their data.

Here is an example function update-data that allows users to update existing information. It leverages the previous example function enforce-keyset-of-id to make an update to a row in the table example-table.

Now that users can update their name, you can apply this same functionality to other information.

For example, you can allow users to update their keyset. The ability to update keysets is known as ‘rotating keysets’ and this is where the name ‘Rotatable wallets’ came from for this demonstration. This feature is comparable to being able to update a password, and it’s an extremely useful feature to have in an application.

For this final function, use the information learned from previous steps to add rotating keysets as a feature of your smart contract.

Code Challenge

Define a function named rotate-keyset that allows the owner of a keyset to change their keyset.

Throughout this tutorial, you built a smart contract named Rotatable Wallets that demonstrated many important Pact features that you learned throughout previous tutorials.

Most importantly, you showed how modules can be permissioned to ensure the security of running your code on a decentralized network and allow for row level permissions when necessary.

Having the ability to permission modules is an extremely valuable feature of Pact, and you can use this in many other applications in the future. Take some time now to experiment with this feature to try applying it in new situations.

When you’re ready, move to the next tutorial to continue building Pact applications!